Fixed value for SA_SUPPBULKREP access area.

[fa-stable.git] / inventory / cost_update.php

diff --git a/inventory/cost_update.php b/inventory/cost_update.php
index bfaf0f33b986a957604e2ea714f35fa5a20f430c..1c05c3bbecffd04dbf38e8af870aefb747c1ea11 100644 (file)
--- a/inventory/cost_update.php
+++ b/inventory/cost_update.php
@@ -23,7 +23,7 @@ include_once($path_to_root . "/inventory/includes/inventory_db.inc");
 $js = "";
 if ($use_popup_windows)
        $js .= get_js_open_window(900, 500);
-page(_("Inventory Item Cost Update"), false, false, "", $js);
+page(_($help_context = "Inventory Item Cost Update"), false, false, "", $js);
 
 //--------------------------------------------------------------------------------------
 
@@ -91,7 +91,7 @@ set_global_stock_item($_POST['stock_id']);
 $sql = "SELECT description, units, material_cost, labour_cost,
        overhead_cost, mb_flag
        FROM ".TB_PREF."stock_master
-       WHERE stock_id='" . $_POST['stock_id'] . "'
+       WHERE stock_id=".db_escape($_POST['stock_id']) . "
        GROUP BY description, units, material_cost, labour_cost, overhead_cost, mb_flag";
 $result = db_query($sql);
 check_db_error("The cost details for the item could not be retrieved", $sql);